================================================================= ==2502==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110009b6800 at pc 0x000001f090ef bp 0x7ffc53b64b80 sp 0x7ffc53b64b78 READ of size 8 at 0x6110009b6800 thread T0 #0 0x1f090ee in Ms::ScoreView::testElementDragTransition(QMouseEvent*) /home/antonio/MuseScore/mscore/dragelement.cpp:30 #1 0xc24750 in Ms::ElementDragTransition::eventTest(QEvent*) (/usr/local/bin/mscore+0xc24750) #2 0x7f2f5c7ffb4e in QStateMachinePrivate::selectTransitions(QEvent*, CalculationCache*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x2d2b4e) #3 0x7f2f5c7fda06 in QStateMachinePrivate::_q_process() (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x2d0a06) #4 0x7f2f5c7fe07e in QStateMachinePrivate::handleFilteredEvent(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x2d107e) #5 0x7f2f5c7fe18c in QStateMachine::eventFilter(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x2d118c) #6 0x7f2f5c798bf2 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x26bbf2) #7 0x7f2f62e16024 in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x156024) #8 0x7f2f62e1af0d in QApplication::notify(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x15af0d) #9 0x7f2f5c798e7f in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x26be7f) #10 0x7f2f62e19a32 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer&, bool) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x159a32) #11 0x7f2f62e735d9 (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x1b35d9) #12 0x7f2f62e756da (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x1b56da) #13 0x7f2f62e1604b in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x15604b) #14 0x7f2f62e1a487 in QApplication::notify(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x15a487) #15 0x7f2f5c798e7f in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x26be7f) #16 0x7f2f5d69197a in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Gui.so.5+0xf997a) #17 0x7f2f5d693484 in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Gui.so.5+0xfb484) #18 0x7f2f5d6746a2 in QWindowSystemInterface::sendWindowSystemEvents(QFlags) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Gui.so.5+0xdc6a2) #19 0x7f2f4cd8371f (/home/antonio/Qt/5.6/gcc_64/plugins/platforms/../../lib/libQt5XcbQpa.so.5+0xad71f) #20 0x7f2f58a2ae03 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x48e03) #21 0x7f2f58a2b047 (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x49047) #22 0x7f2f58a2b0eb in g_main_context_iteration (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x490eb) #23 0x7f2f5c7e84e6 in QEventDispatcherGlib::processEvents(QFlags) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x2bb4e6) #24 0x7f2f5c796ef9 in QEventLoop::exec(QFlags) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x269ef9) #25 0x7f2f5c79ed9c in QCoreApplication::exec() (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x271d9c) #26 0x1274406 in main /home/antonio/MuseScore/mscore/musescore.cpp:5256 #27 0x7f2f5af56ec4 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4) #28 0xb07798 (/usr/local/bin/mscore+0xb07798) 0x6110009b6800 is located 0 bytes inside of 232-byte region [0x6110009b6800,0x6110009b68e8) freed by thread T0 here: #0 0x7f2f65c786fa in operator delete(void*) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x956fa) #1 0x396a92d in Ms::Bracket::~Bracket() /home/antonio/MuseScore/build.debug/libmscore/../../libmscore/bracket.h:29 #2 0x349572f in Ms::System::layoutSystem(double) /home/antonio/MuseScore/libmscore/system.cpp:237 #3 0x2fc00c9 in Ms::Score::collectSystem(Ms::LayoutContext&) /home/antonio/MuseScore/libmscore/layout.cpp:2929 #4 0x2fd5610 in Ms::Score::doLayout() /home/antonio/MuseScore/libmscore/layout.cpp:3519 #5 0x3721ad0 in Ms::Score::update() /home/antonio/MuseScore/libmscore/cmd.cpp:191 #6 0x372079e in Ms::Score::endCmd(bool) /home/antonio/MuseScore/libmscore/cmd.cpp:166 #7 0x1246627 in Ms::MuseScore::cmd(QAction*) /home/antonio/MuseScore/mscore/musescore.cpp:4058 #8 0x2629e9c in Ms::MuseScore::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/antonio/MuseScore/build.debug/mscore/moc_musescore.cpp:825 #9 0x7f2f5c7c1cee in QMetaObject::activate(QObject*, int, int, void**) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x294cee) #10 0x26596ae in Ms::ScoreTab::actionTriggered(QAction*) /home/antonio/MuseScore/build.debug/mscore/moc_scoretab.cpp:193 #11 0x2658243 in Ms::ScoreTab::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/antonio/MuseScore/build.debug/mscore/moc_scoretab.cpp:95 #12 0x7f2f5c7c1cee in QMetaObject::activate(QObject*, int, int, void**) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x294cee) #13 0x7f2f62e1048e in QActionGroup::triggered(QAction*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x15048e) #14 0x7f2f62e0c951 in QAction::triggered(bool) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x14c951) previously allocated by thread T0 here: #0 0x7f2f65c781ba in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x951ba) #1 0x3493f30 in Ms::System::layoutSystem(double) /home/antonio/MuseScore/libmscore/system.cpp:213 #2 0x2fc00c9 in Ms::Score::collectSystem(Ms::LayoutContext&) /home/antonio/MuseScore/libmscore/layout.cpp:2929 #3 0x2fd5610 in Ms::Score::doLayout() /home/antonio/MuseScore/libmscore/layout.cpp:3519 #4 0x1d27b7b in Ms::MuseScore::newFile() /home/antonio/MuseScore/mscore/file.cpp:743 #5 0x124f3c2 in Ms::MuseScore::cmd(QAction*, QString const&) /home/antonio/MuseScore/mscore/musescore.cpp:4204 #6 0x12462a8 in Ms::MuseScore::cmd(QAction*) /home/antonio/MuseScore/mscore/musescore.cpp:4056 #7 0x2629e9c in Ms::MuseScore::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /home/antonio/MuseScore/build.debug/mscore/moc_musescore.cpp:825 #8 0x7f2f5c7c1cee in QMetaObject::activate(QObject*, int, int, void**) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Core.so.5+0x294cee) #9 0x7f2f62e1048e in QActionGroup::triggered(QAction*) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x15048e) #10 0x7f2f62e0c951 in QAction::triggered(bool) (/home/antonio/Qt/5.6/gcc_64/lib/libQt5Widgets.so.5+0x14c951) SUMMARY: AddressSanitizer: heap-use-after-free /home/antonio/MuseScore/mscore/dragelement.cpp:30 Ms::ScoreView::testElementDragTransition(QMouseEvent*) Shadow bytes around the buggy address: 0x0c228012ecb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c228012ecc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c228012ecd0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd 0x0c228012ece0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c228012ecf0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa =>0x0c228012ed00:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c228012ed10: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa 0x0c228012ed20: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd 0x0c228012ed30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c228012ed40: fd fd fd fd fa fa fa fa fa fa fa fa fa fa fa fa 0x0c228012ed50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe ==2502==ABORTING